Lucene search

K

Sermon'e – Sermons Online Security Vulnerabilities

nessus
nessus

FreeBSD : chromium -- multiple security fixes (453aa0fc-2d91-11ef-8a0f-a8a1599412c6)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 453aa0fc-2d91-11ef-8a0f-a8a1599412c6 advisory. Chrome Releases reports: This update includes 21 security fixes: Tenable has extracted the...

8.8CVSS

8.3AI Score

0.001EPSS

2024-06-19 12:00 AM
2
cve
cve

CVE-2024-6116

A vulnerability, which was classified as critical, has been found in itsourcecode Simple Online Hotel Reservation System 1.0. Affected by this issue is some unknown functionality of the file edit_room.php. The manipulation of the argument photo leads to unrestricted upload. The attack may be...

7.3CVSS

7.2AI Score

0.0004EPSS

2024-06-18 02:15 PM
24
nvd
nvd

CVE-2024-6116

A vulnerability, which was classified as critical, has been found in itsourcecode Simple Online Hotel Reservation System 1.0. Affected by this issue is some unknown functionality of the file edit_room.php. The manipulation of the argument photo leads to unrestricted upload. The attack may be...

7.3CVSS

0.0004EPSS

2024-06-18 02:15 PM
1
vulnrichment
vulnrichment

CVE-2024-6116 itsourcecode Simple Online Hotel Reservation System edit_room.php unrestricted upload

A vulnerability, which was classified as critical, has been found in itsourcecode Simple Online Hotel Reservation System 1.0. Affected by this issue is some unknown functionality of the file edit_room.php. The manipulation of the argument photo leads to unrestricted upload. The attack may be...

7.3CVSS

7.1AI Score

0.0004EPSS

2024-06-18 01:31 PM
2
cvelist
cvelist

CVE-2024-6116 itsourcecode Simple Online Hotel Reservation System edit_room.php unrestricted upload

A vulnerability, which was classified as critical, has been found in itsourcecode Simple Online Hotel Reservation System 1.0. Affected by this issue is some unknown functionality of the file edit_room.php. The manipulation of the argument photo leads to unrestricted upload. The attack may be...

7.3CVSS

0.0004EPSS

2024-06-18 01:31 PM
2
thn
thn

Cybercriminals Exploit Free Software Lures to Deploy Hijack Loader and Vidar Stealer

Threat actors are luring unsuspecting users with free or pirated versions of commercial software to deliver a malware loader called Hijack Loader, which then deploys an information stealer known as Vidar Stealer. "Adversaries had managed to trick users into downloading password-protected archive...

7.3AI Score

2024-06-18 01:30 PM
9
nvd
nvd

CVE-2024-6115

A vulnerability classified as critical was found in itsourcecode Simple Online Hotel Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file add_room.php. The manipulation of the argument photo leads to unrestricted upload. The attack can be launched...

7.3CVSS

0.0004EPSS

2024-06-18 01:15 PM
cve
cve

CVE-2024-6115

A vulnerability classified as critical was found in itsourcecode Simple Online Hotel Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file add_room.php. The manipulation of the argument photo leads to unrestricted upload. The attack can be launched...

7.3CVSS

7.3AI Score

0.0004EPSS

2024-06-18 01:15 PM
21
nvd
nvd

CVE-2024-6112

A vulnerability classified as critical was found in itsourcecode Pool of Bethesda Online Reservation System 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument log_email leads to sql injection. The attack can be initiated remotely. The exploit has...

7.3CVSS

0.0004EPSS

2024-06-18 01:15 PM
2
cve
cve

CVE-2024-6111

A vulnerability classified as critical has been found in itsourcecode Pool of Bethesda Online Reservation System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has...

7.3CVSS

7.5AI Score

0.0004EPSS

2024-06-18 01:15 PM
22
nvd
nvd

CVE-2024-6111

A vulnerability classified as critical has been found in itsourcecode Pool of Bethesda Online Reservation System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has...

7.3CVSS

0.0004EPSS

2024-06-18 01:15 PM
1
cve
cve

CVE-2024-6114

A vulnerability classified as critical has been found in itsourcecode Monbela Tourist Inn Online Reservation System up to 1.0. Affected is an unknown function of the file controller.php. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack...

7.3CVSS

7.3AI Score

0.0004EPSS

2024-06-18 01:15 PM
21
cve
cve

CVE-2024-6112

A vulnerability classified as critical was found in itsourcecode Pool of Bethesda Online Reservation System 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument log_email leads to sql injection. The attack can be initiated remotely. The exploit has...

7.3CVSS

7.6AI Score

0.0004EPSS

2024-06-18 01:15 PM
21
nvd
nvd

CVE-2024-6114

A vulnerability classified as critical has been found in itsourcecode Monbela Tourist Inn Online Reservation System up to 1.0. Affected is an unknown function of the file controller.php. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack...

7.3CVSS

0.0004EPSS

2024-06-18 01:15 PM
1
malwarebytes
malwarebytes

43% of couples experience pressure to share logins and locations, Malwarebytes finds

All isn’t fair in love and romance today, as 43% of people in a committed relationship said they have felt pressured by their own partners to share logins, passcodes, and/or locations. A worrying 7% admitted that this type of pressure has included the threat of breaking up or the threat of...

6.8AI Score

2024-06-18 01:00 PM
4
cvelist
cvelist

CVE-2024-6115 itsourcecode Simple Online Hotel Reservation System add_room.php unrestricted upload

A vulnerability classified as critical was found in itsourcecode Simple Online Hotel Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the file add_room.php. The manipulation of the argument photo leads to unrestricted upload. The attack can be launched...

7.3CVSS

0.0004EPSS

2024-06-18 01:00 PM
cvelist
cvelist

CVE-2024-6114 itsourcecode Monbela Tourist Inn Online Reservation System controller.php unrestricted upload

A vulnerability classified as critical has been found in itsourcecode Monbela Tourist Inn Online Reservation System up to 1.0. Affected is an unknown function of the file controller.php. The manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack...

7.3CVSS

0.0004EPSS

2024-06-18 01:00 PM
1
cvelist
cvelist

CVE-2024-6112 itsourcecode Pool of Bethesda Online Reservation System index.php sql injection

A vulnerability classified as critical was found in itsourcecode Pool of Bethesda Online Reservation System 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument log_email leads to sql injection. The attack can be initiated remotely. The exploit has...

7.3CVSS

0.0004EPSS

2024-06-18 12:31 PM
2
vulnrichment
vulnrichment

CVE-2024-6112 itsourcecode Pool of Bethesda Online Reservation System index.php sql injection

A vulnerability classified as critical was found in itsourcecode Pool of Bethesda Online Reservation System 1.0. This vulnerability affects unknown code of the file index.php. The manipulation of the argument log_email leads to sql injection. The attack can be initiated remotely. The exploit has...

7.3CVSS

7.8AI Score

0.0004EPSS

2024-06-18 12:31 PM
2
vulnrichment
vulnrichment

CVE-2024-6111 itsourcecode Pool of Bethesda Online Reservation System login.php sql injection

A vulnerability classified as critical has been found in itsourcecode Pool of Bethesda Online Reservation System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has...

7.3CVSS

7.7AI Score

0.0004EPSS

2024-06-18 12:31 PM
1
cvelist
cvelist

CVE-2024-6111 itsourcecode Pool of Bethesda Online Reservation System login.php sql injection

A vulnerability classified as critical has been found in itsourcecode Pool of Bethesda Online Reservation System 1.0. This affects an unknown part of the file login.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has...

7.3CVSS

0.0004EPSS

2024-06-18 12:31 PM
1
nvd
nvd

CVE-2024-6110

A vulnerability was found in itsourcecode Magbanua Beach Resort Online Reservation System up to 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file controller.php. The manipulation of the argument image leads to unrestricted upload. The attack may...

7.3CVSS

0.0004EPSS

2024-06-18 12:15 PM
1
cve
cve

CVE-2024-6110

A vulnerability was found in itsourcecode Magbanua Beach Resort Online Reservation System up to 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file controller.php. The manipulation of the argument image leads to unrestricted upload. The attack may...

7.3CVSS

7.2AI Score

0.0004EPSS

2024-06-18 12:15 PM
22
cvelist
cvelist

CVE-2024-6110 itsourcecode Magbanua Beach Resort Online Reservation System controller.php unrestricted upload

A vulnerability was found in itsourcecode Magbanua Beach Resort Online Reservation System up to 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file controller.php. The manipulation of the argument image leads to unrestricted upload. The attack may...

7.3CVSS

0.0004EPSS

2024-06-18 11:31 AM
2
securelist
securelist

Analysis of user password strength

The processing power of computers keeps growing, helping users to solve increasingly complex problems faster. A side effect is that passwords that were impossible to guess just a few years ago can be cracked by hackers within mere seconds in 2024. For example, the RTX 4090 GPU is capable of...

6.9AI Score

2024-06-18 11:30 AM
3
nvd
nvd

CVE-2024-1634

The Scheduling Plugin – Online Booking for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'cbsb_disconnect_settings' function in all versions up to, and including, 3.5.10. This makes it possible for unauthenticated attackers to...

6.5CVSS

0.0005EPSS

2024-06-18 03:15 AM
4
cve
cve

CVE-2024-1634

The Scheduling Plugin – Online Booking for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'cbsb_disconnect_settings' function in all versions up to, and including, 3.5.10. This makes it possible for unauthenticated attackers to...

6.5CVSS

6.3AI Score

0.0005EPSS

2024-06-18 03:15 AM
22
vulnrichment
vulnrichment

CVE-2024-1634 Scheduling Plugin – Online Booking for WordPress <= 3.5.10 - Missing Authorization to Unauthenticated Service Disconnection

The Scheduling Plugin – Online Booking for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'cbsb_disconnect_settings' function in all versions up to, and including, 3.5.10. This makes it possible for unauthenticated attackers to...

6.5CVSS

6.8AI Score

0.0005EPSS

2024-06-18 02:37 AM
cvelist
cvelist

CVE-2024-1634 Scheduling Plugin – Online Booking for WordPress <= 3.5.10 - Missing Authorization to Unauthenticated Service Disconnection

The Scheduling Plugin – Online Booking for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'cbsb_disconnect_settings' function in all versions up to, and including, 3.5.10. This makes it possible for unauthenticated attackers to...

6.5CVSS

0.0005EPSS

2024-06-18 02:37 AM
2
cve
cve

CVE-2024-6084

A vulnerability has been found in itsourcecode Pool of Bethesda Online Reservation System up to 1.0 and classified as critical. Affected by this vulnerability is the function uploadImage of the file /admin/mod_room/controller.php?action=add. The manipulation of the argument image leads to...

7.3CVSS

6.5AI Score

0.0004EPSS

2024-06-18 01:15 AM
29
nvd
nvd

CVE-2024-6084

A vulnerability has been found in itsourcecode Pool of Bethesda Online Reservation System up to 1.0 and classified as critical. Affected by this vulnerability is the function uploadImage of the file /admin/mod_room/controller.php?action=add. The manipulation of the argument image leads to...

7.3CVSS

0.0004EPSS

2024-06-18 01:15 AM
3
vulnrichment
vulnrichment

CVE-2024-6084 itsourcecode Pool of Bethesda Online Reservation System uploadImage unrestricted upload

A vulnerability has been found in itsourcecode Pool of Bethesda Online Reservation System up to 1.0 and classified as critical. Affected by this vulnerability is the function uploadImage of the file /admin/mod_room/controller.php?action=add. The manipulation of the argument image leads to...

7.3CVSS

7.2AI Score

0.0004EPSS

2024-06-18 12:31 AM
cvelist
cvelist

CVE-2024-6084 itsourcecode Pool of Bethesda Online Reservation System uploadImage unrestricted upload

A vulnerability has been found in itsourcecode Pool of Bethesda Online Reservation System up to 1.0 and classified as critical. Affected by this vulnerability is the function uploadImage of the file /admin/mod_room/controller.php?action=add. The manipulation of the argument image leads to...

7.3CVSS

0.0004EPSS

2024-06-18 12:31 AM
3
nvd
nvd

CVE-2024-6065

A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file index.php. The manipulation of the argument user_email leads to sql injection. The attack may be initiated remotely. The exploit has...

7.3CVSS

0.0004EPSS

2024-06-17 09:15 PM
4
cve
cve

CVE-2024-6065

A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file index.php. The manipulation of the argument user_email leads to sql injection. The attack may be initiated remotely. The exploit has...

7.3CVSS

7.5AI Score

0.0004EPSS

2024-06-17 09:15 PM
22
vulnrichment
vulnrichment

CVE-2024-6065 itsourcecode Bakery Online Ordering System index.php sql injection

A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file index.php. The manipulation of the argument user_email leads to sql injection. The attack may be initiated remotely. The exploit has...

7.3CVSS

7.6AI Score

0.0004EPSS

2024-06-17 09:00 PM
3
cvelist
cvelist

CVE-2024-6065 itsourcecode Bakery Online Ordering System index.php sql injection

A vulnerability was found in itsourcecode Bakery Online Ordering System 1.0. It has been rated as critical. This issue affects some unknown processing of the file index.php. The manipulation of the argument user_email leads to sql injection. The attack may be initiated remotely. The exploit has...

7.3CVSS

0.0004EPSS

2024-06-17 09:00 PM
malwarebytes
malwarebytes

(Almost) everything you always wanted to know about cybersecurity, but were too afraid to ask, with Tjitske de Vries: Lock and Code S05E13

This week on the Lock and Code podcast… Ready to know what Malwarebytes knows? Ask us your questions and get some answers. What is a passphrase and what makes it—what’s the word? Strong? Every day, countless readers, listeners, posters, and users ask us questions about some of the most commonly...

7.3AI Score

2024-06-17 04:17 PM
3
nvd
nvd

CVE-2024-37848

SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 allows a local attacker to execute arbitrary code via the admin_delete.php...

0.0004EPSS

2024-06-17 02:15 PM
3
cve
cve

CVE-2024-37848

SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 allows a local attacker to execute arbitrary code via the admin_delete.php...

8.5AI Score

0.0004EPSS

2024-06-17 02:15 PM
20
cvelist
cvelist

CVE-2024-37848

SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 allows a local attacker to execute arbitrary code via the admin_delete.php...

0.0004EPSS

2024-06-17 12:00 AM
1
vulnrichment
vulnrichment

CVE-2024-37848

SQL Injection vulnerability in Online-Bookstore-Project-In-PHP v1.0 allows a local attacker to execute arbitrary code via the admin_delete.php...

8.4AI Score

0.0004EPSS

2024-06-17 12:00 AM
wpvulndb
wpvulndb

Scheduling Plugin – Online Booking for WordPress <= 3.5.10 - Missing Authorization to Unauthenticated Service Disconnection

Description The Scheduling Plugin – Online Booking for WordPress plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the 'cbsb_disconnect_settings' function in all versions up to, and including, 3.5.10. This makes it possible for unauthenticated...

6.5CVSS

6.6AI Score

0.0005EPSS

2024-06-17 12:00 AM
thn
thn

U.K. Hacker Linked to Notorious Scattered Spider Group Arrested in Spain

Law enforcement authorities have allegedly arrested a key member of the notorious cybercrime group called Scattered Spider. The individual, a 22-year-old man from the United Kingdom, was arrested this week in the Spanish city of Palma de Mallorca as he attempted to board a flight to Italy. The...

7.3AI Score

2024-06-16 04:31 AM
14
nessus
nessus

FreeBSD : go -- multiple vulnerabilities (a5c64f6f-2af3-11ef-a77e-901b0e9408dc)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the a5c64f6f-2af3-11ef-a77e-901b0e9408dc advisory. The Go project reports: archive/zip: mishandling of corrupt central directory record The...

9.8CVSS

8AI Score

0.001EPSS

2024-06-16 12:00 AM
5
nessus
nessus

FreeBSD : traefik -- Unexpected behavior with IPv4-mapped IPv6 addresses (219aaa1e-2aff-11ef-ab37-5404a68ad561)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 219aaa1e-2aff-11ef-ab37-5404a68ad561 advisory. The traefik authors report: There is a vulnerability in Go managing various Is methods ...

9.8CVSS

9.4AI Score

0.001EPSS

2024-06-16 12:00 AM
3
krebs
krebs

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider, a cybercrime group suspected of hacking into Twilio, LastPass, DoorDash, Mailchimp, and nearly 130 other organizations over the past two years. The Spanish daily Murcia Today...

7.8AI Score

2024-06-15 11:40 PM
21
cve
cve

CVE-2024-6016

A vulnerability, which was classified as critical, has been found in itsourcecode Online Laundry Management System 1.0. Affected by this issue is some unknown functionality of the file admin_class.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely.....

6.3CVSS

6.8AI Score

0.0004EPSS

2024-06-15 07:15 PM
27
nvd
nvd

CVE-2024-6016

A vulnerability, which was classified as critical, has been found in itsourcecode Online Laundry Management System 1.0. Affected by this issue is some unknown functionality of the file admin_class.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely.....

6.3CVSS

0.0004EPSS

2024-06-15 07:15 PM
2
vulnrichment
vulnrichment

CVE-2024-6016 itsourcecode Online Laundry Management System admin_class.php sql injection

A vulnerability, which was classified as critical, has been found in itsourcecode Online Laundry Management System 1.0. Affected by this issue is some unknown functionality of the file admin_class.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely.....

6.3CVSS

6.8AI Score

0.0004EPSS

2024-06-15 06:31 PM
1
Total number of security vulnerabilities42683